package com.woniuxy.utils;

import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;

import java.text.ParseException;
import java.util.Map;

public class JwtUtil {
    // 密钥，请确保其足够复杂且长度满足要求 (HS256要求至少256位，即32个字符)
    private static final String secretString = "token!Q2W#E$RWtoken!Q2W#E$RWtoken!Q2W#E$RW";

    /**
     * 根据传入的Payload Map生成一个JWT Token
     * @param map Payload，会包含用户ID、用户名、权限ID等
     * @return 生成的Token字符串
     * @throws JOSEException
     */
    public static String getToken(Map<String, Object> map) throws JOSEException {
        // 1. 生成JWT头部，指定HS256算法
        JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.HS256)
                .type(JOSEObjectType.JWT).build();

        // 2. 根据传入的map创建Payload
        Payload payload = new Payload(map);

        // 3. 创建签名器
        JWSSigner jwsSigner = new MACSigner(secretString);

        // 4. 创建JWS对象并进行签名
        JWSObject jwsObject = new JWSObject(header, payload);
        jwsObject.sign(jwsSigner);

        // 5. 返回序列化后的Token字符串
        return jwsObject.serialize();
    }

    /**
     * 验证一个JWT Token的签名是否有效
     * @param jwt Token字符串
     * @return 验证结果 (true为有效)
     * @throws ParseException
     * @throws JOSEException
     */
    public static boolean verifyJwt(String jwt) throws ParseException, JOSEException {
        JWSObject jwsObject = JWSObject.parse(jwt);
        JWSVerifier jwsVerifier = new MACVerifier(secretString);
        return jwsObject.verify(jwsVerifier);
    }

    /**
     * 获取JWT中的完整Payload信息
     * @param jwt Token字符串
     * @return 包含Payload信息的Map
     * @throws ParseException
     */
    public static Map<String, Object> getPayload(String jwt) throws ParseException {
        JWSObject jwsObject = JWSObject.parse(jwt);
        return jwsObject.getPayload().toJSONObject();
    }

    /**
     * 从JWT中直接获取用户ID
     * @param jwt Token字符串
     * @return 用户ID (Integer)
     * @throws ParseException
     */
    public static Integer getUserId(String jwt) throws ParseException {
        Map<String, Object> map = getPayload(jwt);
        Object idObj = map.get("id"); // "id"是您放入时使用的key
        if (idObj instanceof Integer) {
            return (Integer) idObj;
        } else if (idObj instanceof Long) {
            return ((Long) idObj).intValue();
        }
        throw new ClassCastException("无法将 " + (idObj != null ? idObj.getClass() : "null") + " 转换为 Integer");
    }

    /**
     * 【新增】从JWT中直接获取用户权限ID
     * @param jwt Token字符串
     * @return 权限ID (Integer)
     * @throws ParseException
     */
    public static Integer getRoleId(String jwt) throws ParseException {
        Map<String, Object> map = getPayload(jwt);
        Object roleIdObj = map.get("roleId"); // "roleId"是您放入时使用的key
        if (roleIdObj instanceof Integer) {
            return (Integer) roleIdObj;
        } else if (roleIdObj instanceof Long) {
            return ((Long) roleIdObj).intValue();
        }
        throw new ClassCastException("无法将 " + (roleIdObj != null ? roleIdObj.getClass() : "null") + " 转换为 Integer");
    }
}